W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1997

RE: confidentiality and the referer field

From: Michael Giroux <mgiroux@worldnet.att.net>
Date: Thu, 26 Jun 1997 19:31:35 -0700
Message-Id: <01BC8267.904DEE40.mgiroux@worldnet.att.net>
To: "'David W. Morris'" <dwm@xpasc.com>, Hallam-Baker <hallam@ai.mit.edu>
Cc: "http-wg@cuckoo.hpl.hp.com" <http-wg@cuckoo.hpl.hp.com>
On Thursday, June 26, 1997 12:39 PM, David W. Morris [SMTP:dwm@xpasc.com] 
wrote:

> > Specifically I I have a confidential document P that links to Q I may
> > want
> > to instruct browsers not to pass on the referer field. It seems to me
> > that
> > this would be an easy enhancement to add to the spec but what the best
> > way of transporting this information is I'm not sure.
>
> Well it would fit fairly nicely in the set of browser behaviors controlled
> by the UA-Hint header proposed by my draft on that subject.
>
> Dave Morris

Could this also be addressed with the <BASE> tag?  It would seem that an 
author could provide a <BASE> on page P that effectively hides the actual 
URL.  This would of course have an effect on relative links on this page, but 
if security is the issue, and the page has absolute, or at least server 
relative links, then the true base is not important.

Michael Giroux
Received on Thursday, 26 June 1997 19:38:33 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:45 EDT